Adding patchinfo patchinfo.20240711084522434926.255638743075857
This commit is contained in:
parent
35304c4c80
commit
41ae917be9
101
patchinfo.20240711084522434926.255638743075857/_patchinfo
Normal file
101
patchinfo.20240711084522434926.255638743075857/_patchinfo
Normal file
@ -0,0 +1,101 @@
|
||||
<patchinfo>
|
||||
<!-- generated from request(s) 339484, 338850, 342356 -->
|
||||
<issue tracker="bnc" id="1221763">ptrace(PTRACE_ATTACH) fails on processes of the same user</issue>
|
||||
<issue tracker="bnc" id="1222548">VUL-0: CVE-2024-2511: openssl-1_1,openssl-3:Unbounded memory growth with session handling in TLSv1.3</issue>
|
||||
<issue tracker="bnc" id="1222899">[SECURITY] openSSL 3.1.x EC doesn't work with tpm2</issue>
|
||||
<issue tracker="bnc" id="1223306">Userspace livepatch application fails: ulp: Unable to get section data.</issue>
|
||||
<issue tracker="bnc" id="1223336">openssl-3: variations in openssl-3-debugsource</issue>
|
||||
<issue tracker="bnc" id="1223428">SUSE:SLE-15-SP6:GA openssl-3 not livepatch enabled</issue>
|
||||
<issue tracker="bnc" id="1224388">VUL-0: CVE-2024-4603: openssl-3: excessive time spent checking DSA keys and parameters</issue>
|
||||
<issue tracker="bnc" id="1225291">[NetApp SLES15 SP6 Bug]: NVMe/TCP TLS connection fails due to handshake failure</issue>
|
||||
<issue tracker="bnc" id="1225551">VUL-0: CVE-2024-4741: openssl-1_1,openssl-3: Use After Free with SSL_free_buffers</issue>
|
||||
<issue tracker="bnc" id="1227138">VUL-0: CVE-2024-5535: openssl: SSL_select_next_proto buffer overread</issue>
|
||||
<issue tracker="cve" id="2024-2511"/>
|
||||
<issue tracker="cve" id="2024-4603"/>
|
||||
<issue tracker="cve" id="2024-4741"/>
|
||||
<issue tracker="cve" id="2024-5535"/>
|
||||
<issue tracker="cve" id="2024-6119"/>
|
||||
<issue tracker="bnc" id="1229465">VUL-0: EMBARGOED: CVE-2024-6119: openssl-3: possible denial of service in X.509 name checks</issue>
|
||||
<issue tracker="bnc" id="1221365">[FIPS][OpenSSL-3] Service Level Indicator is needed</issue>
|
||||
<issue tracker="bnc" id="1221760">[FIPS][OpenSSL-3] Selftests are required</issue>
|
||||
<issue tracker="bnc" id="1221753">[FIPS][OpenSSL-3] Error state has to be enforced</issue>
|
||||
<issue tracker="bnc" id="1220523">[FIPS][OpenSSL-3] Entropy Source </issue>
|
||||
<issue tracker="bnc" id="1221786">[FIPS][OpenSSL-3] Use of non-Approved Elliptic Curves</issue>
|
||||
<issue tracker="bnc" id="1221751">[FIPS][OpenSSL-3] The FIPS module shall provide an output possibility</issue>
|
||||
<issue tracker="bnc" id="1221821">[FIPS][OpenSSL-3] FIPS Domain Parameters</issue>
|
||||
<issue tracker="bnc" id="1221827">[FIPS][OpenSSL-3] Recommendation for Password-Based Key Derivation</issue>
|
||||
<issue tracker="bnc" id="1221752">[FIPS][OpenSSL-3] Zeroisation is required</issue>
|
||||
<issue tracker="bnc" id="1220690">[FIPS][OpenSSL-3] Primary DRBG for openssl needs to have prediction resistance enabled or it shall be reseeded every time before providing an output to the caller.</issue>
|
||||
<issue tracker="bnc" id="1220693">[FIPS][OpenSSL-3] Add oversampling of the noise source to comply with requirements of NIST SP 800-90C.</issue>
|
||||
<issue tracker="bnc" id="1220696">[FIPS][OpenSSL-3] Change CRNG buf size to align with output size of the Jitter RNG.</issue>
|
||||
<issue tracker="bnc" id="1221824">[FIPS][OpenSSL-3] NIST SP 800-56Brev2</issue>
|
||||
<issue tracker="bnc" id="1221787">[FIPS][OpenSSL-3] Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4</issue>
|
||||
<issue tracker="bnc" id="1221822">[FIPS][OpenSSL-3] NIST SP 800-56Arev3</issue>
|
||||
<issue tracker="bnc" id="1226463">algif_hash in kernel-obs-build causes an openssl-1_1 test failure</issue>
|
||||
<issue tracker="gh" id="openssl/openssl#23448"/>
|
||||
<issue tracker="gh" id="openssl/openssl#23456"/>
|
||||
<packager>gbelinassi</packager>
|
||||
<rating>important</rating>
|
||||
<category>security</category>
|
||||
<summary>Security update for openssl-3, libpulp, ulp-macros</summary>
|
||||
<description>This update for openssl-3, libpulp, ulp-macros fixes the following issues:
|
||||
|
||||
openssl-3:
|
||||
- CVE-2024-6119: possible denial of service in X.509 name checks (bsc#1229465)
|
||||
- CVE-2024-5535: SSL_select_next_proto buffer overread (bsc#1227138)
|
||||
- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers (bsc#1225551)
|
||||
- CVE-2024-4603: Check DSA parameters for excessive sizes before validating (bsc#1224388)
|
||||
- CVE-2024-2511: Fix unconstrained session cache growth in TLSv1.3 (bsc#1222548)
|
||||
- FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365)
|
||||
- FIPS: RSA keygen PCT requirements. (bsc#1221760, bsc#1221753)
|
||||
- FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode. (bsc#1220523)
|
||||
- FIPS: Port openssl to use jitterentropy (bsc#1220523)
|
||||
- FIPS: Block non-Approved Elliptic Curves (bsc#1221786)
|
||||
- FIPS: Service Level Indicator (bsc#1221365)
|
||||
- FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module. (bsc#1221751)
|
||||
- FIPS: Add required selftests (bsc#1221760)
|
||||
- FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821)
|
||||
- FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827)
|
||||
- FIPS: Zeroization is required (bsc#1221752)
|
||||
- FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696)
|
||||
- FIPS: NIST SP 800-56Brev2 (bsc#1221824)
|
||||
- FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787)
|
||||
- FIPS: Port openssl to use jitterentropy (bsc#1220523)
|
||||
- FIPS: NIST SP 800-56Arev3 (bsc#1221822)
|
||||
- FIPS: Error state has to be enforced (bsc#1221753)
|
||||
- Build with enabled sm2 and sm4 support (bsc#1222899)
|
||||
- fix non-reproducible build issue
|
||||
- Fix HDKF key derivation (bsc#1225291)
|
||||
- Enable livepatching support (bsc#1223428)
|
||||
|
||||
libpulp:
|
||||
- Update package with libpulp-0.3.5
|
||||
* Change .so load policy from lazy to eager.
|
||||
* Fix patch of references when mprotect is enabled.
|
||||
* Fix tramposed calloc arguments.
|
||||
* Fix crash of ulp packer on empty lines.
|
||||
|
||||
- Disabled ptrace_scope through aaa_base-enable-ptrace package (bsc#1221763).
|
||||
- Update package with libpulp-0.3.4:
|
||||
* Add debuginfo into ulp extract.
|
||||
|
||||
- Disabled ptrace_scope when building the package (bsc#1221763).
|
||||
- Update package with libpulp-0.3.3:
|
||||
* Fixed a race condition when process list is empty.
|
||||
* Removed "Unable to get section data" error message (bsc#1223306).
|
||||
* Bumped asunsafe_conversion attempts from 100 to 2000.
|
||||
* Fixed banner test on clang-18.
|
||||
* Check if ptrace_scope is enabled when attempting a ptrace operation (bsc#1221763).
|
||||
|
||||
- Update package with libpulp-0.3.1:
|
||||
* Add timestamp information on `ulp patches`.
|
||||
|
||||
ulp-macros:
|
||||
- Initial release.
|
||||
</description>
|
||||
<package>libpulp</package>
|
||||
<package>openssl-3</package>
|
||||
<package>ulp-macros</package>
|
||||
<package>jitterentropy</package>
|
||||
<seperate_build_arch/>
|
||||
</patchinfo>
|
Loading…
Reference in New Issue
Block a user